User avatar G
Guest

How to Create a JSON Seed File for Roles and Permissions in QAuth

Learn how to design and seed roles and permissions in QAuth using a JSON file. Covers file structure, naming conventions, wildcard grants, validation tips, and seeding instructions.

Qauth Json Seed Roles Permissions
Qauth Json Seed Roles Permissions
English version
en English

How to Create a JSON Seed File for Roles and Permissions in QAuth

What is QAUTH?

android chrome 192x192QAuth is a centralized authentication and authorization service designed by Quollnet to simplify how applications manage users, units, roles, and permissions. Instead of each app handling access control on its own, QAuth acts as a secure hub where rules are defined once and applied consistently across the ecosystem. This makes it easier for organizations to onboard users, delegate access, and enforce permission boundaries without duplicating logic in every project.

At its core, QAuth is built around role-based access control (RBAC). Users belong to units, and each unit has roles that define what actions its members can take. Permissions follow a clear naming convention, making access rules both human-readable and machine-enforceable. By separating authentication (who you are) from authorization (what you can do), QAuth provides a scalable, flexible, and transparent way to secure multi-app environments.


What is Seeding Roles and Permissions

Seeding roles and permissions is a crucial part of setting up role-based access control (RBAC) in QAuth. By defining roles and permissions in a JSON file, you make your access control structure declarative, portable, and easy to maintain across different environments.

This guide explains how to create a JSON seed file, what naming conventions to follow, how wildcards work, and how to validate and apply your file.

1. Why use a JSON seed file?

Instead adding roles and permissions manually in the application. This gives you:

  • Consistency across all environments.

  • Transparency – simple diffs show changes to access rules.

  • Portability – re-seed the same roles/permissions into new units/apps.

  • Safety – seeding is idempotent (safe to re-run).

2. File location

You can select the file saved on your device or you can do the following.

  • Save as: main_storage/common_roles.json

  • In config.py, set:
    COMMON_ROLES_PATH = "path/to/main_storage/common_roles.json"

3. JSON structure

A seed file contains two top-level arrays:

  • roles: each role has a name, description, and a grants list.

  • permissions: each permission has a unique name and description.

Example:

{

  "roles": [

    {

      "name": "creator",

      "description": "Unit owner with full access",

      "grants": ["*"]

    },

    {

      "name": "admin",

      "description": "Manage unit and members",

      "grants": ["*:unit", "add:*", "assign:permission"]

    },

    {

      "name": "viewer",

      "description": "Read-only access",

      "grants": ["view:unit", "view:member"]

    }

  ],

  "permissions": [

    { "name": "edit:unit", "description": "Edit unit settings" },

    { "name": "view:unit", "description": "View unit details" },

    { "name": "invite:member", "description": "Invite user to unit" },

    { "name": "add:role", "description": "Create role" },

    { "name": "assign:permission", "description": "Assign permissions" }

  ]

}


4. Naming conventions

  • Format: verb:subject (e.g., edit:unit, add:role)

  • Verbs: view, add, edit, delete, activate, deactivate, assign, invite

  • Subjects: nouns like unit, role, member

  • Allowed characters: lowercase letters, numbers, -, _, :

  • Example:

    • view:unit

    • add:member

    • can_edit_unit (old style, avoid underscores)

5. Using wildcards in grants

Wildcards make it easy to grant groups of permissions without listing each one:

  • * → all permissions

  • *:unit → all permissions ending with :unit

  • add:* → all permissions starting with add:

  • Literal names → attach exactly the given permission

Example:

{ "name" : "admin" , "grants" : [ "*:unit" , "add:*" , "assign:permission" ] }

Expands to:

  • All unit-related permissions (view:unit, edit:unit, deactivate:unit, …)

  • All permissions starting with add: (add:role, add:member, add:unit, …)

  • The explicit permission assign:permission

6. Seeding behavior

  • Permissions: created if new, skipped if they already exist.

  • Roles: if a role exists, its permissions are synced to match the grants list.

  • Unattached permissions: valid; they are created and left unused until assigned later.


Elie Saad's photo
Elie Saad
Oct 01, 2025
0
0
77
36

Qauth Json Seed Roles Permissions

Frequently Asked Questions

FAQ

Q: What happens if I re-run seeding?

A: The seeder is idempotent. Roles are synced, and permissions are skipped if they already exist. It is safe to re-run multiple times.

FAQ

Q: Can I define permissions that aren’t attached to any role?

A: Yes. They will be created and remain available for later use until they are assigned to roles.

FAQ

Q: What if I mistype a permission name in grants?

A: The seeder will ignore it unless a permission with that exact name exists.

FAQ

Q: Can I use both wildcards and literals?

A: Yes. For example, ["*:unit", "assign:permission"] will grant all unit-related permissions and also the specific assign:permission.

FAQ

Q: Should I still use names like can_edit_unit?

A: No. Use the new verb:subject format (for example, edit:unit) for clarity and consistency.

Related Checklists

Keying and Access Control System Inspection Checklist image
Keying and Access Control System Inspection Checklist
✅ 12 items
Inspecting keying and access control system programming is an essential task for ensuring the security and efficiency of a facility's entry system. This inspection involves evaluating the programming of the system, including key card access, pin codes, and biometric authentication mechanisms. By ensuring these systems are properly configured and maintained, you mitigate the risk of unauthorized access and maintain a secure environment. This checklist provides a comprehensive guide for inspecting these systems, with features that allow users to tick items, leave comments, and export the completed checklist for record-keeping and auditing purposes.
Façade Access and Fall-Protection Inspection Checklist image
Façade Access and Fall-Protection Inspection Checklist
✅ 12 items
Inspecting façade access systems and fall-protection gear is crucial for ensuring the safety of workers operating at heights. This checklist focuses on the thorough examination of cradles, anchors, and personal protective equipment used in façade work. By following this guide, you can minimize risks, ensure compliance with safety standards, and maintain the integrity of the equipment. Interactive features allow users to tick off items, leave comments, and export reports as PDF or Excel, secured with a unique QR code for authenticity.
Security System Functional Testing & Acceptance Checklist image
Security System Functional Testing & Acceptance Checklist
✅ 18 items
Security system functional testing and acceptance is a crucial phase in the deployment of any security infrastructure. This process involves verifying that all components of the security system are working as intended, including alarms, surveillance equipment, and access controls. The checklist is designed to ensure that each element meets predefined standards and specifications. Proper functional testing and acceptance help mitigate risks of system failure, ensuring security protocols are robust and reliable. With our interactive checklist, users can tick off each task, add comments, and export the completed report as a PDF or Excel file, complete with a QR code for authenticity.
Floor Surface Preparation Inspection Checklist image
Floor Surface Preparation Inspection Checklist
✅ 15 items
Proper floor surface preparation is crucial for ensuring the longevity and quality of tile installations. Whether you're a professional tiler or a DIY enthusiast, this checklist will guide you through the essential steps to inspect and prepare floor surfaces before tiling. This will help prevent common issues such as tile cracking, adhesive failure, and uneven surfaces. By following this comprehensive checklist, you can ensure that your tiling project begins with a solid foundation, ultimately saving time and costs on potential repairs.
Verify Warranty Documentation & Supplier Contacts image
Verify Warranty Documentation & Supplier Contacts
✅ 15 items
Verifying warranty documentation and supplier contacts is a critical step in maintaining quality assurance and operational efficiency. This process involves ensuring all warranty details are correct and that you have up-to-date contact information for suppliers. By verifying these documents, you prevent costly errors and ensure your team can quickly resolve any issues with products or services. This checklist is interactive, allowing you to tick off items, leave comments, and export your completed reports as a PDF or Excel file with a secure QR code for authenticity.

Related Articles

Customize Your Company Qr Code image
Customize Your Company Qr Code
⏳ 1 min read
Is It Important To Customize Your Qr Code And How To Do It?
his article discusses the importance of including a company logo in a QR code for better recognition, branding, and aesthetics. It showcases samples created by Quollnet's QR code designer and provides a step-by-step guide on customizing and generating a QR code using Quollnet's QR code generator. The guide includes uploading a logo, selecting colors and shapes, and generating the final code.
How To Create a Project Cash Flow For Contractors image
How To Create a Project Cash Flow For Contractors
⏳ 6 min read
Learn How To Create a Comprehensive Cash Flow For Construction Projects. Introducing Cashflowpot
Learn how to create a comprehensive cash flow for construction projects, including key contract conditions, subcontractor retention, work in excess of billing (WIEB), advance payments, and indirect costs. This step-by-step guide helps contractors manage project cash flows efficiently.
How To Create Your First Snag image
How To Create Your First Snag
⏳ 1 min read
How To Create Your First Sang In 4 Easy Steps
This article provides a step-by-step guide on creating a new snag using Snag Here, a web and mobile app for managing snags (construction defects) in projects. It covers logging in, creating projects, creating snag lists, selecting companies, and finally creating new snags with the ability to add images.
Work Inspection Request Guide image
Work Inspection Request Guide
⏳ 3 min read
Mastering Work Inspection Requests (wir): Essential Strategies For Modern Construction Management
Explore the essentials of Work Inspection Requests (WIR) in construction management, including workflows, legal implications, and best practices for efficiency.
Snag List Excel Format Sample image
Snag List Excel Format Sample
⏳ 1 min read
Download Excel Format Snag List
Excel Format Snag List